High severity zero-day vulnerability has been found in Google Chrome for Desktop, causing Google to release their ninth emergency update so far this year to patch it. Users of Chrome on Windows, Mac, and Linux should update to the latest version of this browser, which is version 108.0.5359.94 for Mac and Linux, and version(s) 108.0.5359.94/.95 […]
New Exploited Google Chrome Zero-Day Vulnerability Read More »
Three Android apps with over 2 million combined downloads have been found to have critical vulnerabilities that could result in remote code execution. These applications, Lazy Mouse, Telepad, and PC Keyboard, act as a remote keyboard or mouse for a desktop or laptop computer from the Android device they are installed on. Seven different vulnerabilities
Remote Code Execution Flaws in Keyboard Apps Read More »
A high-severity vulnerability that could allow changes to the Secure Boot settings on laptop devices has been identified on multiple models of Acer Notebooks. The affected models are Acer Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. This vulnerability has been identified by an ESET malware researcher and is being fixed by Acer
Acer Vulnerability Disables Secure Boot Settings Read More »
Google Chrome has released an emergency update to patch a critical severity vulnerability present in the Chrome desktop app. Microsoft have also alerted customers that the chromium-based browser Microsoft Edge also contains this vulnerability in both Windows and Mac versions of the desktop app. This has been given a high severity rating by Google and
Exploited Chromium Vulnerability in Chrome and Edge Read More »
Malicious Android apps posing as file managers have been identified and removed from the Google Play Store recently after infecting tens of thousands of users with a SharkBot banking trojan. This is not the only time the Google Play Store has been in the news recently for distributing malicious apps of different types. At the
Android Trojan Apps are a Continued Threat Read More »
A new ransomware tool called AXLocker is being used by attackers to encrypt files and steal Discord account tokens. A large community of cryptocurrency and NFT owners use Discord to connect with others who have a similar interest or portfolio. Discord uses authentication tokens which are saved to the computer when a user logs in,
AXLocker Ransomware Steals Discord Account Tokens Read More »
Two critical severity vulnerabilities have been identified in Atlassian products Crowd, and Bitbucket Server and Data Center. Security advisories were released by Atlassian for each product detailing the severity, affected versions, and mitigation steps. The Atlassian Crowd Server and Data Center vulnerability affects all versions released after Crowd 3.0.0, however version 3.0.0 itself is an
Critical Severity Vulnerabilities in Atlassian Products Read More »
A critical vulnerability is being exploited in Magento 2 and Adobe Commerce sites for online retailers. Attackers are sending trojan orders to the target website and are hiding their attacks by using the increase in online purchases around the time of Black Friday and Cyber Monday sales, and in the holiday shopping period in general.
TrojanOrder Attacks Target Online Retailers Read More »
A Mozilla Foundation Security Advisory was released yesterday detailing the security vulnerabilities that have been fixed in the latest Firefox update. Firefox 107 contains security fixes to 8 high severity vulnerabilities that impact previous versions of this product. These include three use-after-free vulnerabilities in InputStream (CVE-2022-45405), JavaScript Realm (CVE-2022-45406), and Garbage Collection (CVE-2022-45409), and a
Mozilla Firefox Fix 19 Vulnerabilities Read More »
This week was November’s patch Tuesday, where Microsoft issued a security update that resolved 68 different vulnerabilities, 6 of which were actively exploited zero-day flaws. A total of 11 vulnerabilities that have been patched this week have been given a critical severity rating, due to a possible exploit leading to elevation of privileges, spoofing, or
Microsoft Patch Six Zero-Day Vulnerabilities Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.